Category Archives: Design

Directing Ourselves Away From Directories

Well, after trying out several unsuccessful configurations aimed at managing my bookmarks, I’ve finally embraced that which is del.icio.us. It’s the only free solution that provides the mobility I’ve been looking for.

It’s taken me some time to get used to the whole “social” part of social bookmarking, but I think it’s finally grown on me. I’ve even managed to find several useful links on occasions when boredom drove me to browse the links posted by other users. The only major pain was importing and categorizing the 250+ links I had already amassed over the last few years, but on the positive side I did manage to weed out several that were broken and unused.

The ability to assign multiple categories to links is what really makes del.icio.us stand out for me. When I was still using a directory structure to categorize links, there were several times when I couldn’t decide whether a particular link belonged in one category or another. Inevitibly, when I came back to look for it later, I would have to browse at least 3 different folders to find out which one I put it in.

I’ve found that I have this same problem with folders on my machine. I tend to be a file packrat, so there’s quite a bit of stuff in there. There are times with the limitations of the underlying Windows directory structure hinder my ability to organize my files. I haven’t tried the beta yet, but Windows Vista is supposed to provide a whole new level of file organization that circumvents the inherent limitations of directories. I’m not sure if that means you can assign multiple categories to files or not, but certainly any step in that direction would be useful indeed.

At any rate, you can scope out my most current bookmarks by going to del.icio.us/synthetik.

Error 0x00FC: Too Many Passwords

I’m really beginning to tire of keeping up with the 50 or so different usernames and passwords required to access the various web sites and software packages I use. It seems that every site nowadays requires a login to access even the most insignificant content. Sadly, services such as BugMeNot have provided little relief for this growing annoyance.

What complicates this problem is the advice given by the majority of online security specialists:

  • Never use the same username/password combination on more than one site.
  • Change your passwords often.
  • Make your passwords as complex as you can by adding numbers and symbols.
  • Never keep your usernames/passwords written on paper or a digital document

Dilbert-20050910Yeah.

So in order for me to protect myself as fully as possible, I need to keep track of 50+ different sets of obfuscated credentials for 50+ different sites without the luxury of writing them down anywhere, and then change them at least once a month!?

“So Kody,” you may ask, “why don’t you just use one of the many AutoFill tools freely available from various web browsers and toolbars?” My answer is simple: Lack of mobility. What happens when I am using a public terminal or a computer in a lab or at a friend’s house? By relying on AutoFill tools at home, my ability to remember my credentials while away from my computer would atrophy.

And what happens when I let someone else use my computer to look something up? I never check any of those boxes that say, “Always keep me logged in” or “Remember my password,” so why would I want AutoFill software to automatically insert my personal information into a web form regardless of the user? [See comments below for an explanation on why this was scratched. –km]

As more and more sites require verification, the deep wisdom of Microsoft’s Passport service is becoming all too clear. I’ll admit I was wary of Passport in the beginning, given all the privacy concerns of entrusting access to multiple websites to a single entity (especially when that entity is Microsoft). However, I am finding it more and more tempting to embrace such a service if it means that I don’t have to keep track of dozens of username/password combinations.

Unfortunately, even if I wanted to take advantage of Microsoft’s Passport, it’s not supported on 99% of the sites I would need it for. Even more unfortunate, no other comparable service exists. I’m starting to think that the web is in dire need of a universal credential service with the stigmas associated with Microsoft’s “we want to own everything” corporate image.

So how do intelligent people manage their login information without resorting to the practices of the overtly paranoid? Am I just missing something here? I know there are various password management services available online and for PDAs, but are they actually useful?

I don’t know. Maybe this is just another incentive to do away with usernames and passwords altogether in favor of biometric identification. All I know is that if things don’t improve soon, I may have to resort to shoving a few 1GB sticks of RAM up my nose and hope it’s compatible.

The Omnipresent EULA

If you’ve ever installed a program on your computer, you probably at some point had to agree to an exhaustive license agreement before you could begin the installation process. The End User License Agreement, or EULA, for short, is typically about ten printed pages worth of legalese squashed into a 3-inch square box.

I will be the first to admit that I have probably only read one (that of EverQuest, if I recall) of the license agreements of the plethora of software I’ve ever installed. God knows what I’ve agreed to by just blindly clicking, “Yes, I agree” and continuing on my merry way. I could have very well agreed to turn my residence into a halfway house for unemployed game developers. I would conjecture that very few others have even read the full text of a EULA, except this one guy who got $1,000 from a company because he actually read their license agreement.

This brings up an important consideration: How well can EULAs stand in court? I suppose technically they should be legally binding, since the user is technically supposed to read the agreement before clicking “I Agree.” It seems to me, though, that any judge with any sense at all could see that EULAs are specifically designed to confuse users. You almost wonder if software companies don’t want users to read their licensing agreements. *cough*spyware*cough* I certainly know I can’t afford to have a lawyer translate for me each time I wish to install software, and I doubt I’m alone in that respect.

Even more harrowing is an article posted on Slashdot a couple months ago about a gamer who purchased a used copy of Blizzard’s World of Warcraft, the current flavor of the year MMORPG. He found that he could not create his own account with that particular copy’s authentication key because the former owner already had – even though he canceled his account. To quote directly:

Note that section 3B in the EULA explicitly grants its users the ability to transfer the physical property and “all of your rights and obligations under the License Agreement”, presumably including the Authentication Key which is needed when creating a new account. What Blizzard expressly disallows is the transfer of accounts, according to Section 1E of their Terms of Use, which is not at issue here. Apparently, Blizzard is allowing each Authentication Key to be used only once, preventing anyone with a used copy of the game from creating a new account. Is Blizzard violating the terms of their own EULA?

Though I’m not certain of what became of this, but it seemed to be quite an issue when Blizzard was throttling sales of the game because their servers were overburdened by the amount of people already playing. It was nearly impossible to buy the game at retail, so a logical alternative would have been to buy a used copy from someone who already played the game and did not like it. It’s not like these people are stealing anything. They want to play the game, and they want to pay Blizzard the monthly fee to do it.

If you ask me, EULAs are getting out of hand.